VYPR

PyPI package

fastapi-sso

pkg:pypi/fastapi-sso

Vulnerabilities (1)

  • CVE-2025-14546MedDec 19, 2025
    affected < 0.19.0fixed 0.19.0

    Versions of the package fastapi-sso before 0.19.0 are vulnerable to Cross-site Request Forgery (CSRF) due to the improper validation of the OAuth state parameter during the authentication callback. While the get_login_url method allows for state generation, it does not persist th